1
22
23 package com.liferay.portal.spring.servlet;
24
25 import com.liferay.portal.kernel.log.Log;
26 import com.liferay.portal.kernel.log.LogFactoryUtil;
27 import com.liferay.portal.kernel.util.GetterUtil;
28 import com.liferay.portal.model.User;
29 import com.liferay.portal.security.auth.CompanyThreadLocal;
30 import com.liferay.portal.security.auth.PrincipalThreadLocal;
31 import com.liferay.portal.security.permission.PermissionChecker;
32 import com.liferay.portal.security.permission.PermissionCheckerFactory;
33 import com.liferay.portal.security.permission.PermissionThreadLocal;
34 import com.liferay.portal.service.UserLocalServiceUtil;
35 import com.liferay.portal.spring.context.TunnelApplicationContext;
36 import com.liferay.portal.util.PortalInstances;
37
38 import javax.servlet.ServletException;
39 import javax.servlet.http.HttpServletRequest;
40 import javax.servlet.http.HttpServletResponse;
41
42 import org.springframework.web.servlet.DispatcherServlet;
43
44
49 public class RemotingServlet extends DispatcherServlet {
50
51 public static final String CONTEXT_CLASS =
52 TunnelApplicationContext.class.getName();
53
54 public static final String CONTEXT_CONFIG_LOCATION =
55 "/WEB-INF/remoting-servlet.xml,/WEB-INF/remoting-servlet-ext.xml";
56
57 public Class<?> getContextClass() {
58 try {
59 return Class.forName(CONTEXT_CLASS);
60 }
61 catch (Exception e) {
62 _log.error(e);
63 }
64
65 return null;
66 }
67
68 public String getContextConfigLocation() {
69 return CONTEXT_CONFIG_LOCATION;
70 }
71
72 public void service(
73 HttpServletRequest request, HttpServletResponse response)
74 throws ServletException {
75
76 PermissionChecker permissionChecker = null;
77
78 try {
79 String remoteUser = request.getRemoteUser();
80
81 if (_log.isDebugEnabled()) {
82 _log.debug("Remote user " + remoteUser);
83 }
84
85 long companyId = PortalInstances.getCompanyId(request);
86
87 CompanyThreadLocal.setCompanyId(companyId);
88
89 if (remoteUser != null) {
90 PrincipalThreadLocal.setName(remoteUser);
91
92 long userId = GetterUtil.getLong(remoteUser);
93
94 User user = UserLocalServiceUtil.getUserById(userId);
95
96 permissionChecker = PermissionCheckerFactory.create(user, true);
97
98 PermissionThreadLocal.setPermissionChecker(permissionChecker);
99 }
100 else {
101 if (_log.isWarnEnabled()) {
102 _log.warn(
103 "User id is not provided. An exception will be " +
104 "thrown if a protected method is accessed.");
105 }
106 }
107
108 super.service(request, response);
109 }
110 catch (Exception e) {
111 throw new ServletException(e);
112 }
113 finally {
114 try {
115 PermissionCheckerFactory.recycle(permissionChecker);
116 }
117 catch (Exception e) {
118 }
119 }
120 }
121
122 private static Log _log = LogFactoryUtil.getLog(RemotingServlet.class);
123
124 }